[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Migrated Exchange 2007 to Exchange 2010 unable to connect mobile devices with SSL cert

Posted on 2011-09-16
12
Medium Priority
?
840 Views
Last Modified: 2012-05-12
We just migrated Exchange 2007 to 2010 and mail is working however the rekeyed SSL cert is not allowing for us to log into OWA without certificate error or use mobile devices which require SSL.

Please advice on best course of action.
0
Comment
Question by:manelson05
  • 6
  • 6
12 Comments
 
LVL 23

Assisted Solution

by:Suliman Abu Kharroub
Suliman Abu Kharroub earned 2000 total points
ID: 36553113
From EMC, server config, server certificates ,,, make to assign the correct certificate to exchange services.

also  from the browser click on the certificate ro view it,, does it th correct one ?
0
 

Author Comment

by:manelson05
ID: 36553124
The error appears to be in Active Sync The Remote connectivity analyser  passes everything until it tries to connect to our domain (https:\\webmail.domain.com)
0
 
LVL 23

Accepted Solution

by:
Suliman Abu Kharroub earned 2000 total points
ID: 36553840
whats the error message you get from https://www.testexchangeconnectivity.com/ ?
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 

Author Comment

by:manelson05
ID: 36553951
I had to go home I worekd from 7am to 12am.
I just tested this fromhome for activesync, here is the error.

I am able to access OWA from offsite location but cannot authenticate.

      
      Test Steps
       
      Attempting to test potential Autodiscover URL https://milsysgroup.com/AutoDiscover/AutoDiscover.xml
       Testing of this potential Autodiscover URL failed.
       
      Test Steps
       
      Attempting to resolve the host name milsysgroup.com in DNS.
       The host name resolved successfully.
       
      Additional Details
      Testing TCP port 443 on host milsysgroup.com to ensure it's listening and open.
       The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
       The SSL certificate failed one or more certificate validation checks.
       
      Test Steps
       
      ExRCA is attempting to obtain the SSL certificate from remote server milsysgroup.com on port 443.
       ExRCA wasn't able to obtain the remote SSL certificate.
       
      Additional Details
       The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
      Attempting to test potential Autodiscover URL https://autodiscover.milsysgroup.com/AutoDiscover/AutoDiscover.xml
       Testing of this potential Autodiscover URL failed.
       
      Test Steps
       
      Attempting to resolve the host name autodiscover.milsysgroup.com in DNS.
       The host name couldn't be resolved.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       Host autodiscover.milsysgroup.com couldn't be resolved in DNS InfoDomainNonexistent.
      Attempting to contact the Autodiscover service using the HTTP redirect method.
       The attempt to contact Autodiscover using the HTTP Redirect method failed.
       
      Test Steps
       
      Attempting to resolve the host name autodiscover.milsysgroup.com in DNS.
       The host name couldn't be resolved.
        Tell me more about this issue and how to resolve it
       
      Additional Details
       Host autodiscover.milsysgroup.com couldn't be resolved in DNS InfoDomainNonexistent.
      Attempting to contact the Autodiscover service using the DNS SRV redirect method.
       ExRCA failed to contact the Autodiscover service using the DNS SRV redirect method.
       
      Test Steps
       
      Attempting to locate SRV record _autodiscover._tcp.milsysgroup.com in DNS.
       The Autodiscover SRV record wasn't found in DNS.
        Tell me more about this issue and how to resolve it
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36553981
From RMC, server config--> client access. check the internl and external url for owa, active sync and ECP.
0
 

Author Comment

by:manelson05
ID: 36553987
I am heading to work will update in 25 minutes, will you still beonline?
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36554073
Yes i will :)
0
 

Author Comment

by:manelson05
ID: 36554313
internal and external as follows

Internal https:\\servername.domain.com\owa
external https:\\webmail.domain.com
0
 
LVL 23

Assisted Solution

by:Suliman Abu Kharroub
Suliman Abu Kharroub earned 2000 total points
ID: 36554573
For what ? active sync?

then do you use http://webmail.domain.com to access owa externally ?
0
 

Author Comment

by:manelson05
ID: 36554762
I rekeyed cert, changed user permissions, users cannot be domain admins OU, then created additioanl dns entries for autodiscover.

Sulimanw, thank you sir!
0
 

Author Closing Comment

by:manelson05
ID: 36554765
SULIMANW = Professor
You did not give me answer you taught me through discovery and knowledge.

Merci, salam


Mark
0
 
LVL 23

Expert Comment

by:Suliman Abu Kharroub
ID: 36554843
You are most welcome :)

Thanks for points.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You finally migrated Public Folders to Office 365, decommissioned the Public Folder mailbox database and since then, when you send an email from on-premise to mail-enabled Public Folders, you get the following error: "Misconfigured public folder mai…
Upgrading from older Exchange server to the latest Exchange server can be tiresome, error-prone and risky, without being a seasoned exchange server administrators. It can become even problematic if you're an organization that runs on tight timeline…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Suggested Courses
Course of the Month11 days, 12 hours left to enroll

640 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question